MISP
/
misp-website
mirror of https://github.com/MISP/misp-website
2
0
Fork 0
Code Issues Releases Wiki Activity

fix: [blog] MISP 2.4.121 release typo

pull/19/head
Dawid Czarnecki 2020-02-14 17:16:08 +01:00
parent 22a5999aaf
commit 4d9e223d41
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
_posts/2020-02-12-MISP.2.4.121.released.md
View File

@ -13,7 +13,7 @@ A new version of MISP ([2.4.121](https://github.com/MISP/MISP/tree/v2.4.121)) ha
The new version includes fixes to a set of vulnerabilities, kindly reported by Dawid Czarnecki. For details, see the attached CVE information.
- A reflected XSS in the galaxy view [CVE-2020-8893](https://cve.circl.lu/cve/CVE-2020-8893)
- ACL wasn't always correctly adhered to for the discussion threads [CVE-2020-8894](https://cve.circl.lu/cve/CVE-2020-8892)
- ACL wasn't always correctly adhered to for the discussion threads [CVE-2020-8894](https://cve.circl.lu/cve/CVE-2020-8894)
- Potential time skew between web server and database would cause the brute force protection not to fire.[CVE-2020-8890](https://cve.circl.lu/cve/CVE-2020-8890)
Whilst investigating the above, we have identified and resolved other issues with the brute force protection: